aboutsummaryrefslogtreecommitdiffstats
path: root/main/openrc/0006-mount-efivars-read-only.patch
diff options
context:
space:
mode:
authorWilliam Pitcock <nenolod@dereferenced.org>2017-02-01 04:25:20 +0000
committerWilliam Pitcock <nenolod@dereferenced.org>2017-02-01 04:25:20 +0000
commit8b144eccbdd2aef77839a9c59e49b78561d029c6 (patch)
tree1d9ff6f4f2b3b714045e57f19659a2cb9b17ea87 /main/openrc/0006-mount-efivars-read-only.patch
parent3cce6325120d259b1f4036ef1cc4623f1fc9fb6e (diff)
downloadaports-8b144eccbdd2aef77839a9c59e49b78561d029c6.tar.bz2
aports-8b144eccbdd2aef77839a9c59e49b78561d029c6.tar.xz
main/openrc: update to 0.23.2
Diffstat (limited to 'main/openrc/0006-mount-efivars-read-only.patch')
-rw-r--r--main/openrc/0006-mount-efivars-read-only.patch27
1 files changed, 27 insertions, 0 deletions
diff --git a/main/openrc/0006-mount-efivars-read-only.patch b/main/openrc/0006-mount-efivars-read-only.patch
new file mode 100644
index 0000000000..656cefa197
--- /dev/null
+++ b/main/openrc/0006-mount-efivars-read-only.patch
@@ -0,0 +1,27 @@
+From 6658bee44645724c17f6b41ab0cf146e5e0c0248 Mon Sep 17 00:00:00 2001
+From: Natanael Copa <ncopa@alpinelinux.org>
+Date: Wed, 1 Feb 2017 04:18:53 +0000
+Subject: [PATCH 6/7] mount efivars read-only
+
+unintentional writes to efivars may result in bricked hardware. mount it
+read-only to play safe.
+---
+ init.d/sysfs.in | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/init.d/sysfs.in b/init.d/sysfs.in
+index 6d6ec62c..235aebc3 100644
+--- a/init.d/sysfs.in
++++ b/init.d/sysfs.in
+@@ -111,7 +111,7 @@ mount_misc()
+ ! mountinfo -q /sys/firmware/efi/efivars; then
+ if grep -qs efivarfs /proc/filesystems; then
+ ebegin "Mounting efivarfs filesystem"
+- mount -n -t efivarfs -o ${sysfs_opts} \
++ mount -n -t efivarfs -o ro,${sysfs_opts} \
+ efivarfs /sys/firmware/efi/efivars
+ eend $?
+ fi
+--
+2.11.0
+
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-29 11:12:01 +0000